April 11th, 2025
MasterAssessment model to RegScale Models
.msg file type support when uploading files to RegScale EDR Connector type which adds the ability to ingest EDR data from multiple integrations like CrowdStrike, Microsoft Defender, Malwarebytes and future integrations via
Counting informational findings when processing vulnerabilities during
Using the sslVerify from init.yaml or environment variable: to DuroSuite and Sicura API calls
Better authentication errors with Tenable SC and Vulnerability Management (IO)
Required fields on SupplyChain model to match RegScale model
Improved performance when analyzing issues for closure during
Multiple warning messages when was set to false in the file or environment variable
Error when counting vulnerabilities during Tenable SAP import
Error parsing vulnerabilities during OpenText import
Progress bars not behaving correctly during the SAP and SysDig flat file imports
Errors during Tenable SAP and Tenable SysDig integration
recommendations from the Risk model April 10th, 2025
Added option to populate FedRAMP Rev5 Appendix A implementation statements from the Implementation Statement field on the Control Setting tab
Improved application startup performance
April 5th, 2025
Introduction of Wayfinder Builder for creating Wayfinder Templates
Create, edit, and delete Wayfinder Templates
Create, edit, and delete Stages and Activities
Add internal and external links to Wayfinder activities
Select Wayfinder Templates from a form
Select a Wayfinder Template as the Default Wayfinder for a Compliance Setting
Import & Export Wayfinder templates
Wayfinder SSP Dashboard Widget
April 4th, 2025
Fixed repetitive logging message during ScannerIntegration when updating ScanDate
April 4th, 2025
Additional logging during ScannerIntegration to further describe the Vulnerabilities processed
Additional logging to the Qualys total cloud command
FunctionalRole to RegScale Models
Updated risk RegScale model
Conflicting progress bars during the Sicura integration
Control origin, responsibility texts, and rolled up to the implementation during FedRAMP CIS/CRM import
Missing assets and vulnerabilities when scan file contains both fqdn and ip address for the same asset
Wiz inventory command when using the --regscale_id option
Scan date being reset due to sync_findings bug where the kwargs was not being passed in
Due date parsing during Trivy, Grype, and OpenText imports & Tenable IO integration
Errors during the model load --model control command
regscale control_editor command, use regscale model commands instead with --model control option April 3rd, 2025
Component relationships are displayed in the Control Implementations module
A vulnerability section has been added to the Components module
A search bar has been added to both the left and right panels
The user experience of the Control Implementation module has been streamlined
After viewing the first level of children records, the navigation panel opens a grid view of relationships
The scorecard has been redesigned
Implementation Statements for inherited Control Implementations are now optional
Various general styling issues have been resolved
Asset vulnerability section now functions as intended
There is a no selection option available for the Lightening Assessment Result field
Navigation panel now works as expected
Security Plan Scorecard search bar now functions as intended
My Risk Assessment Due Soon widget now renders correctly
Scorecard links now function as intended
April 1st, 2025
Ability to summarize Control Implementations in paragraph format
Asset dates save correctly
FedRAMP Test Case Procedures export saves to file subsystem after generation
Preview button no longer shows for .DOCX files
Questionnaire Profile selection no longer contains duplicates
Questionnaire phone number validation is less restrictive
Users cannot type in Policy Editor
Catalogues import as expected
Wayfinder deep links work correctly
Security Plan Scorecard tiles are properly aligned
Blank rows removed from eMASS Hardware Software export
eMASS SLCM export generates as expected
eMASS POA&M export exports as expected
FedRAMP Appendix A export generates as expected
FedRAMP Test Case Procedures export works as expected
FedRAMP SSP export generates Tables 7-1 and 6-1 correctly
SSP Lab Export
Revision history and review history removed
Additional categorization information added
System Owner added
Removed image headers
Corrected Implementation Status
Deviation export Type column exports correctly
DOE SSP Export generates as expected
Lab SAP and SAR generates as expected
April 1st, 2025
SecurityPlanUsers have access to Continuous Monitoring module
AssessmentUsers have access to Lightening Assessments and the Continuous Monitoring module
The Continuous Monitoring module now inherits RBAC from the parent security plan
SecurityPlanUsers can access the Control Implementations module
Read-only users can no longer:
Delete a questionnaire association
Create a questionnaire
Upload a Continuous Monitoring template
Edit the Categorization tab in the Security Plans module
Create a new Issue in the Security Plans module
Type in Lightning Assessment fields
Type in Control Implementation fields
Create new Lines of Inquiry on a Control Implementation
Create or modify files, links, or comments in the module subsystem
March 28th, 2025
Form Builder issue where save button was missing
Correct styling in Form Builder to align menu
Form Builder losing focus after typing a character into a field
March 28th, 2025
"viewable_by": "everyone" for label creation in ServiceNow issues_and_attachments command.json file support for Snyk & Veracode flat file importing
Veracode .xml File imports
Properties not being created during vulnerability
CrowdStrike sync compliance incorrectly using the catalog control statement when creating new control implementations
Qualys integration not using the sslVerify from init.yaml or environment variable: sslVerify
Vulnerability flag NoIssue was not being honored
RegScale Version fixed and issue where internal version was not being used for validation
